Critical GVfs Vulnerabilities in Ubuntu Allow Remote Code Execution

Critical GVfs Vulnerabilities in Ubuntu Allow Remote Code Execution

First seen 23 Mar 2026, 16:59 UTC UbuntuLinuxsecurity 88% similarity 72.0

Article Content

Browse articles
ThreatCluster

On March 23, 2026, two serious vulnerabilities were reported in the GVfs FTP backend affecting Ubuntu 25.10, 24.04 LTS, and 22.04 LTS. The vulnerabilities, identified as CVE-2026-28295 and CVE-2026-28296, were published on February 26, 2026. The first vulnerability allows a malicious remote server to scan for open ports by improperly handling IP addresses and ports. The second vulnerability enables a remote attacker to inject arbitrary FTP commands or execute arbitrary code by mishandling crafted file paths. Users are advised to update their systems to the latest package versions to mitigate these risks. A system restart is required after the update to apply the changes. The vulnerabilities pose a significant risk to users of the affected Ubuntu versions, necessitating immediate action.

Key Points: • Two critical vulnerabilities in GVfs allow remote code execution. • Affected Ubuntu versions include 25.10, 24.04 LTS, and 22.04 LTS. • Users must update their systems and restart sessions to mitigate risks.

ThreatCluster AI

Timeline

2026-02-26
CVE-2026-28295 and CVE-2026-28296 published
2026-03-23
Ubuntu announces vulnerabilities and recommends updates

Community

Browse all →